3 matches found
Denial Of Service (DoS)
github.com/hashicorp/consul is vulnerable to Denial Of Service DoS. The vulnerability exists because upstream watch handling was shared between connect-proxy and gateways, allowing an attacker with service:write permission to cause a server and client crash...
Consul Server Panic when Ingress and API Gateways Configured with Peering Connections
Summary A vulnerability was identified in Consul and Consul Enterprise “Consul” an authenticated user with service:write permissions could trigger a workflow that causes Consul server and client agents to crash under certain circumstances. This vulnerability, CVE-2023-0845, was fixed in Consul...
PT-2022-16801 · Hashicorp +2 · Ingress Gateway +4
Name of the Vulnerable Software and Affected Versions: HashiCorp Consul and Consul Enterprise versions 1.8.0 through 1.9.14 HashiCorp Consul and Consul Enterprise version 1.10.7 HashiCorp Consul and Consul Enterprise version 1.11.2 Description: The issue allows a user with service:write permissio...